From hardware to HCI

Many businesses are keen to reap the benefits of a hyperconverged infrastructure (HCI). But new technology requires new security measures and the methods of old just won’t cut it. Here, Liviu Arsene, senior E-threat analyst at Bitdefender outlines how to protect HCI from modern-day security threats.

Network-based security is being made redundant by HCI. This technology is simplifying what was previously divided into compute, storage and networking into a single foundation that incorporates all elements. It enables organisations to shorten the process from hardware to software-based hybrid cloud models — which is very appealing in a high-speed business environment where time is money.

However, it is the speed at which this technology moves that makes keeping up a problem for security solutions, and is causing security professionals to rethink how they approach security.

Traditionally, legacy security agents actually sacrifice 35% of the CPU capacity when converting to HCI, resulting in hindered performance and virtualisation density. In an increasingly digital environment, HCI, which is built around agility and fast deployment on the other hand, means that security systems have to follow the same principle — improved performance.

The end of legacy systems

The end of the three-layer infrastructure (compute, storage and networking) means that more organisations are instead embracing application-based security policies that let workloads work with each other across network segments.

This ensures that security policies are enforced automatically on any network configuration. Unlike traditional infrastructure, this is not based on location but instead, on the workload’s role, this makes security more effective and scalable.

Modern enterprises have to adapt to this new way of approaching security. Traditional hardware infrastructures that require full-scale agents running on each endpoint slows systems down and isn’t scalable when adding additional endpoints.

In the past, data centres would rely on firewalls but because of HCI’s extra endpoints, this doesn’t work. That’s not to say that existing security becomes useless. Perimeter firewalls and network segments, for example, can both be used in HCI but there needs to be a greater focus on application security rather than hardware.

Application-based security is the first step in keeping HCI safe but as with most technology, machine learning is also playing a part.

Prevention vs diagnostics

Machine learning is a rising trend and one that is having a big impact on data centres. Not just in terms of improving performance but also in how they are protected.

By implementing “smart” infosec tools that use machine learning to identify and address threats, businesses reduce the chances of being compromised. What’s more is that smart tools can also be custom built for modern software-defined data centre (SDDC) deployments by creating a layered approach that protects against a range of potential threats.

It might be making serious headway in the cybersecurity space, but machine learning should be viewed only as a tool to improve security and should not be relied on as a single security defence. As it stands, there is no single algorithm that is capable of protecting against all cyber attacks, but because of machine learning’s proactive rather than a diagnostic approach, it’s a must when protecting data centres.

Automation is also a key part of machine learning because it reduces the time that security teams have to spend on administrative tasks. HCI is attractive because it streamlines the data centre landscape and offers increased ROI on data investment, adding automated security on the top of that means that it leaves more time for IT teams to concentrate on strategic decisions such as planning should there be a breach.

Considering the options

Protecting HCI can be complicated because it requires a fair amount of consideration. Organisations have to find a solution that integrates seamlessly with the infrastructure, while making sure not to burden virtual workloads. If this isn’t done properly, HCI won’t be worth the time or monetary investment as performance will be poor as a result of not being able to leverage the capability and scalability benefits.

The reason that HCI is so popular with organisations is because of the increased ROI on data investment, the ability to facilitate agile service provisioning and scalability to match high-growth companies targets. The move is generally part of an overall digitalisation strategy, but by not updating the security to go with it, businesses can expect to see little benefit.

Whether it’s switching to an HCI model or implementing any technology within an organisation, there is always a risk when it comes to cybersecurity. As fast as an organisation can update its technology, a hacker can create a new way to compromise it. This is why it’s critical for businesses to keep security systems up to date.

Moving from hardware to HCI requires IT teams to totally rethink the way they use and store data. It’s a lengthy process but one that can be fruitful if implemented properly. However, in just the last few months alone stories like Collection #1 and the Marriot/Quora data breaches show the lengths that cybercriminals will go to get hold of data. It’s naive for businesses to not protect it properly.